Re: Invalid CORS request error on NiFi v1.8.0 and 1.9.0 behind nginx

2019-02-28 Thread Denes Arvay
xplanation, Andy! I’ve tested Denes’ workaround >> and it fixes the problem. >> >> Best regards, >> Elemir >> >> *From: *Andy LoPresto >> *Reply-To: *"users@nifi.apache.org" >> *Date: *Saturday, 23 February 2019 at 12:06 pm >> *To:

Re: Invalid CORS request error on NiFi v1.8.0 and 1.9.0 behind nginx

2019-02-27 Thread Andy LoPresto
;> >> Best regards, >> Elemir >> >> From: Andy LoPresto mailto:alopre...@apache.org>> >> Reply-To: "users@nifi.apache.org <mailto:users@nifi.apache.org>" >> mailto:users@nifi.apache.org>> >> Date: Saturday, 23 February 2019 at 12:06 pm

Re: Invalid CORS request error on NiFi v1.8.0 and 1.9.0 behind nginx

2019-02-26 Thread Denes Arvay
12:06 pm > *To: *"users@nifi.apache.org" > *Subject: *Re: Invalid CORS request error on NiFi v1.8.0 and 1.9.0 behind > nginx > > The change was made to mitigate CVE-2018-17195 [1], which allowed a > malicious actor in a specific scenario to upload a template without

Re: Invalid CORS request error on NiFi v1.8.0 and 1.9.0 behind nginx

2019-02-25 Thread Andy LoPresto
gt; > From: Andy LoPresto > Reply-To: "users@nifi.apache.org" > Date: Saturday, 23 February 2019 at 12:06 pm > To: "users@nifi.apache.org" > Subject: Re: Invalid CORS request error on NiFi v1.8.0 and 1.9.0 behind nginx > > The change was made to mitigate

Re: Invalid CORS request error on NiFi v1.8.0 and 1.9.0 behind nginx

2019-02-24 Thread Elemir Stevko
Thanks a lot for your explanation, Andy! I’ve tested Denes’ workaround and it fixes the problem. Best regards, Elemir From: Andy LoPresto Reply-To: "users@nifi.apache.org" Date: Saturday, 23 February 2019 at 12:06 pm To: "users@nifi.apache.org" Subject: Re: Invalid CORS r

Re: Invalid CORS request error on NiFi v1.8.0 and 1.9.0 behind nginx

2019-02-24 Thread Elemir Stevko
Hi Denes, Thanks a lot for checking the issue! Your workaround fixes the problem. Best regards, Elemir From: Denes Arvay Reply-To: "users@nifi.apache.org" Date: Friday, 22 February 2019 at 10:02 pm To: "users@nifi.apache.org" Subject: Re: Invalid CORS request error on N

Re: Invalid CORS request error on NiFi v1.8.0 and 1.9.0 behind nginx

2019-02-22 Thread Andy LoPresto
The change was made to mitigate CVE-2018-17195 [1], which allowed a malicious actor in a specific scenario to upload a template without authorization. This could result in RCE. Denes’ suggestion about rewriting the Origin header in your proxy should work. [1] https://nifi.apache.org/security.h

Re: Invalid CORS request error on NiFi v1.8.0 and 1.9.0 behind nginx

2019-02-22 Thread Denes Arvay
Hi Elemir, As a workaround you can try to overwrite the Origin header in the request to the value which is expected by NiFi, in your case it should be https://localhost. (i.e. add proxy_set_header Origin https://localhost; to your nginx config). I hope this helps, Denes On Fri, Feb 22, 2019 at 1

Re: Invalid CORS request error on NiFi v1.8.0 and 1.9.0 behind nginx

2019-02-22 Thread Denes Arvay
Hi Elemir, I was able to reproduce your issue with a simple nginx-NiFi setup, both running on localhost. My guess is that the cause is that POST is missing from allowed methods list from the /process-groups/*/templates/upload path [1]. The commit which introduced this change explicitly states that

Invalid CORS request error on NiFi v1.8.0 and 1.9.0 behind nginx

2019-02-21 Thread Elemir Stevko
Hello, I have been running a single instance of NiFi server v1.7.1 on AWS behind ALB and nginx: ALB -> nginx -> NiFi The configuration has been working fine, but since NiFi v1.8.0, I get Invalid CORS request error when I try uploading a template file. Is there anything I need to change in the